added encryption to the tokens, made token redundant for all_log & success_log, added CET as timezone

api.py

@@ -3,6 +3,8 @@ from flask import request, jsonify
 import sqlite3
 from flask import g
 from multiprocessing import Value
+import pytz
+from tokens import secrettoken1, secrettoken2, f1, f2
 
 app = flask.Flask(__name__, static_url_path='', static_folder='static')
 app.config["DEBUG"] = True
@@ -14,6 +16,7 @@ wordList = availableWords.read()
 wordList = wordList.split()
 seedText = "not for self but for all"
 seedTextList = seedText.split()
+tz = pytz.timezone('Europe/Berlin')
 
 from removed_words import delWords
 
@@ -84,7 +87,6 @@ def query_db(query, args=(), one=False):
     cur.close()
     return (rv[0] if rv else None) if one else rv
 
-
 @app.route('/', methods=['GET'])
 def home():
     return '''<h1>Queer API</h1>
@@ -93,16 +95,24 @@ def home():
 
 @app.route('/queermottoAPI/r1/refusal', methods=['GET'])
 def api_args():
-    moment = datetime.datetime.now()
+    moment = datetime.datetime.now(tz)
     timestamp = moment.__str__()
-    orgVal = str(request.args['org'])
+    rqstr = str(request.args['rq'])
-    if orgVal == "refuse-tokenisms-tm-2021":
+    if rqstr == "all_log":
-        org = "Transmediale"
+        all_slogans = query_db('SELECT * FROM mottos;')
-
+        return jsonify(all_slogans)
-    if 'rq' in request.args:
-        rqstr = str(request.args['rq'])
-        if rqstr == "generate":
 
+    if rqstr == "success_log":
+        success_slogans = query_db('SELECT * FROM mottos WHERE GENERATED_MOTTO IS NOT NULL AND GENERATED_MOTTO!="";')
+        return jsonify(success_slogans)
+    if 'org' in request.args:
+        orgVal = str(request.args['org'])
+        orgVal = bytes(orgVal, encoding='utf-8')
+        if (rqstr == "generate" and orgVal == f1.decrypt(secrettoken1)) or (rqstr == "generate" and orgVal == f2.decrypt(secrettoken2)):
+            if orgVal == f1.decrypt(secrettoken1):
+                org = "Transmediale"
+            elif orgVal == f2.decrypt(secrettoken2):
+                org = "Test"
             # Generate the motto
             api_phrase_str = ''
             for i in range(len(seedTextList)):
@@ -132,7 +142,7 @@ def api_args():
                     return jsonify(refusal_message)
 
             # Check the date
-            moment = datetime.datetime.now()
+            moment = datetime.datetime.now(tz)
             if (moment.month==3 and moment.day==8) or (moment.month==5 and moment.day==1) or (moment.month==7 and moment.day==20):
                 refusal_code = 402
                 refusal_message = build_error_three()
@@ -166,16 +176,8 @@ def api_args():
                     cur.execute("INSERT INTO mottos (TIMESTAMP,SEEDTEXT,REFUSAL_CODE,REFUSAL_MESSAGE) VALUES (?,?,?,?)",(timestamp,seedText,refusal_code,refusal_message) )
                     con.commit()
                 return jsonify(refusal_message)
-        elif rqstr == "all_log":
-            all_slogans = query_db('SELECT * FROM mottos;')
-            return jsonify(all_slogans)
-
-        elif rqstr == "success_log":
-            success_slogans = query_db('SELECT * FROM mottos WHERE GENERATED_MOTTO IS NOT NULL AND GENERATED_MOTTO!="";')
-            return jsonify(success_slogans)
-
     else:
-        moment = datetime.datetime.now()
+        moment = datetime.datetime.now(tz)
         timestamp = moment.__str__()
         refusal_code = 402
         refusal_message = build_error_three()
@@ -189,7 +191,7 @@ def api_args():
 
 @app.errorhandler(400)
 def error_fourzerozero(e):
-    moment = datetime.datetime.now()
+    moment = datetime.datetime.now(tz)
     timestamp = moment.__str__()
     refusal_code = 401
     refusal_message = build_error_two()
@@ -202,7 +204,7 @@ def error_fourzerozero(e):
 
 @app.errorhandler(404)
 def error_fourzerofour(e):
-    moment = datetime.datetime.now()
+    moment = datetime.datetime.now(tz)
     timestamp = moment.__str__()
     refusal_code = 401
     refusal_message = build_error_two()
@@ -215,7 +217,7 @@ def error_fourzerofour(e):
 
 @app.errorhandler(500)
 def error_fivezerozero(e):
-    moment = datetime.datetime.now()
+    moment = datetime.datetime.now(tz)
     timestamp = moment.__str__()
     refusal_code = 401
     refusal_message = build_error_two()